Back
WordPress Related Posts Plugin <= 1.3.1 - CSRF
- Product
- Related Posts
- Description
- Because of this vulnerability, the attackers can hijack the authentication of unspecified users for requests that change settings via unknown vectors.
- Solution
- Update the plugin.
- Classification
-
Type Cross Site Request Forgery (CSRF)
OWASP Top 10 A8: Cross Site Request Forgery (CSRF)
- References
-
CVE Mitre
- CVE
- Name CVE-2013-3477
- Versions
-
Affected In
<= 1.3.1
Fixed In 1.3.2
- Disclosure date
- 2013-05-07
- Credits
- Charlie Eriksen